How usecure Enabled Heffron to Reduce Its Human Cyber Risk
At a Glance:
- Human Risk Score Reduction: From 617 to 566 in just six months.
- Enhanced Cybersecurity Awareness: Significant improvement in employees’ ability to identify security threats.
- Regular Training & Simulations: Automated phishing tests and ongoing education created a vigilant workplace.
About Heffron
Founded in 1998 and headquartered in Maitland, NSW, Australia, Heffron provides education, support, and administration services for self-managed pension fund trustees and professionals. With a dedicated team of experts, Heffron empowers clients to navigate the complexities of managing pension funds, ensuring they achieve the most rewarding outcomes for their retirement.
The Challenge
In the fast-paced financial services industry, safeguarding sensitive client data and retirement funds is paramount. Heffron faced a pressing challenge when an employee mistakenly responded to a phishing email, exposing the company to potential risks. While no data was compromised, this incident underscored the urgent need for comprehensive cybersecurity training beyond just the IT department.
To protect their clients’ interests, Heffron's leadership recognized that every employee needed training in identifying and reporting phishing attempts. They sought a solution that could deliver effective training efficiently and required minimal administration from the IT team.
The Solution
usecure stepped in to help Heffron mitigate human error and reduce breach risks. The platform offers tailored learning modules addressing each employee's risk profile, complemented by realistic phishing simulations to reinforce training.
After reviewing several options, the head of IT at Heffron chose usecure for its automation capabilities and robust reporting features. The platform allowed for the easy deployment of engaging video courses and phishing tests, creating a comprehensive training regimen that kept employees informed about the latest cyber threats.
The Results
Six months post-implementation, Heffron's IT department noted remarkable progress. Regular training sessions had equipped employees with the knowledge needed to spot even the most sophisticated phishing attempts. The organization fostered a culture of open discussion about cybersecurity, significantly enhancing awareness across all levels.
Key outcomes included:
Decreased Human Risk Score: Heffron’s human risk score dropped from 617 in November 2022 to 566 by April 2023.
Improved Phishing Compromise Rate: The average compromise rate plummeted from 7.6% to just 2.1%.
How They Did It
Heffron utilized usecure’s Auto Phish tool to automate phishing simulations every four weeks. This innovative approach randomized the timing and content of the simulations, making it challenging for employees to predict and tip each other off. Those who fell for a simulated phishing email were automatically enrolled in refresher training courses, keeping them on alert for potential scams.
Additionally, high-risk users in departments like finance and human resources were identified and enrolled in specialized training from usecure's extensive course library, ensuring that critical departments remained vigilant against emerging threats.
Get Started with usecure
Empower your team to prevent breaches like Heffron did. Discover how usecure’s award-winning Human Risk Management solution can transform your approach to cybersecurity.
👉 Sign Up for a Free 14-day Trial or request a demo to see usecure in action!